Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
File: 6b8f6f39-f637-434c-84f1-a8371e897703.roa (raw, json)
Hash identifier: h+OjBOrv4Fhc5f+Z0PGBhYCh0WBlFzI3TBl0ATLe9lY=
Subject key identifier: 43:CB:6D:E1:CD:03:B5:09:3A:7F:5F:FB:06:37:3D:91:DD:4D:25:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AAFF5A47FAE54DE19D2DD2802524377490CCBE4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:af:f5:a4:7f:ae:54:de:19:d2:dd:28:02:52:43:77:49:0c:cb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=2102021cd87bda5ca7acee9c7a9a6621d94c95753b55cc3b6a3fe01e35ac2fec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2b:68:b5:a1:4e:d9:52:e6:65:3e:d5:ab:85:
f1:1c:60:5b:59:cf:c8:c3:60:fc:9c:3a:e0:95:46:
0f:2f:51:de:ae:2e:76:19:9b:da:bf:bf:60:42:5a:
5a:dc:ac:35:36:82:b7:8d:81:a3:9a:29:b2:ea:64:
df:6b:4a:5a:d9:b0:1d:f4:65:3c:ef:23:2d:cf:69:
c7:24:a4:ce:a3:21:ea:a4:8f:d2:59:9f:43:1c:80:
5f:84:b9:c0:61:c8:97:28:47:54:06:f0:91:f4:da:
ad:35:e2:66:26:7a:38:d3:4e:f4:6c:fc:65:ef:f3:
4b:33:b3:9f:bd:2f:c8:e5:4f:c7:9b:84:eb:ba:5e:
e4:8a:24:39:e9:5b:ba:93:55:cb:8d:1c:d8:bb:b4:
49:f0:60:e9:f5:0f:b2:dc:d0:b6:34:10:16:8b:b0:
06:80:b1:58:ed:87:90:53:ad:ad:60:94:ce:01:d5:
d5:0d:dc:20:41:1a:22:fa:9d:59:c9:df:74:9f:e0:
87:fd:cf:5c:ff:a8:07:2d:a5:ef:bc:68:4c:ff:df:
3c:6a:90:52:74:d0:68:b8:ea:6d:b9:63:cf:59:e1:
a1:d1:27:43:d8:a3:b1:b1:41:cb:7d:84:61:e8:1b:
a3:0b:8b:c8:27:b8:35:13:b8:05:17:f2:ac:20:d8:
95:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CB:6D:E1:CD:03:B5:09:3A:7F:5F:FB:06:37:3D:91:DD:4D:25:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:e3:82:27:e5:0d:39:6f:18:7f:2b:81:b1:bb:99:bd:5d:1b:
7c:d8:be:ba:d1:2a:29:db:99:ab:cf:b1:6b:29:a8:83:4c:e2:
d0:36:40:5c:95:8d:70:52:77:fc:5c:f6:fd:7b:7f:8e:7e:0c:
62:44:e7:aa:1a:3d:b0:1c:77:cf:75:e8:91:08:59:15:68:67:
56:36:dc:02:f5:66:4e:b6:ee:fe:89:93:72:a1:05:ce:78:9a:
26:9e:a5:59:89:a0:43:01:24:30:48:2d:c2:16:1d:90:45:b5:
ae:34:65:ca:98:63:6c:48:81:b8:4a:32:59:de:3a:68:f7:22:
ce:22:ef:ac:a0:69:73:47:22:e0:18:51:e8:90:e2:5a:f7:3e:
60:e7:e1:76:5b:26:90:19:6b:5c:ed:18:72:fa:e1:00:67:c2:
63:53:06:02:55:9f:f3:26:a9:d3:98:7e:b1:d8:42:20:f5:da:
87:85:5d:1d:68:be:06:f8:74:1f:3c:ce:7d:e3:a2:dd:60:be:
0e:36:35:08:a0:62:db:9d:09:43:db:e1:33:3c:29:48:1c:1a:
4d:b7:b6:59:9f:2e:87:00:6c:a2:0e:1f:53:6b:cd:46:23:83:
31:72:e8:8d:e8:27:76:8f:ad:b4:1d:d9:f2:c2:bd:f3:bc:b9:
e3:fe:07:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKq/1pH+uVN4Z0t0oAlJDd0kMy+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMDIwMjFjZDg3YmRhNWNhN2FjZWU5YzdhOWE2NjIxZDk0Yzk1NzUzYjU1
Y2MzYjZhM2ZlMDFlMzVhYzJmZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsraLWhTtlS5mU+1auF8RxgW1nPyMNg/Jw64JVGDy9R3q4udhmb2r+/YEJa
WtysNTaCt42Bo5opsupk32tKWtmwHfRlPO8jLc9pxySkzqMh6qSP0lmfQxyAX4S5
wGHIlyhHVAbwkfTarTXiZiZ6ONNO9Gz8Ze/zSzOzn70vyOVPx5uE67pe5IokOelb
upNVy40c2Lu0SfBg6fUPstzQtjQQFouwBoCxWO2HkFOtrWCUzgHV1Q3cIEEaIvqd
WcnfdJ/gh/3PXP+oBy2l77xoTP/fPGqQUnTQaLjqbbljz1nhodEnQ9ijsbFBy32E
YegbowuLyCe4NRO4BRfyrCDYlSkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDy23h
zQO1CTp/X/sGNz2R3U0lLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmI4ZjZmMzktZjYzNy00MzRjLTg0ZjEtYTgzNzFlODk3NzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBG44In5Q05bxh/K4Gxu5m9XRt82L660Sop25mrz7Fr
KaiDTOLQNkBclY1wUnf8XPb9e3+OfgxiROeqGj2wHHfPdeiRCFkVaGdWNtwC9WZO
tu7+iZNyoQXOeJomnqVZiaBDASQwSC3CFh2QRbWuNGXKmGNsSIG4SjJZ3jpo9yLO
Iu+soGlzRyLgGFHokOJa9z5g5+F2WyaQGWtc7Rhy+uEAZ8JjUwYCVZ/zJqnTmH6x
2EIg9dqHhV0daL4G+HQfPM5946LdYL4ONjUIoGLbnQlD2+EzPClIHBpNt7ZZny6H
AGyiDh9Ta81GI4MxcuiN6Cd2j620Hdnywr3zvLnj/gep
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org